Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2015-6039

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or HTML via crafted content in an Office Marketplace instance, aka "Microsoft SharePoint Security Feature Bypass Vulnerability."

  • Published: Oct 14, 2015
  • Updated: Apr 13, 2023
  • CVE: CVE-2015-6039
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 3.5
  • AV:N/AC:M/Au:S/C:N/I:P/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
microsoft / sharepoint_foundation 2013-sp1 2013-sp1.x
microsoft / sharepoint_server 2013-sp1 2013-sp1.x